LeafWatch Security Policy
Effective Date: January 1, 2026
Operated by D.R.P.H. HOLDINGS LLC
Security Overview
LeafWatch follows industry best practices to protect user data and system integrity.
1. Data Protection
- Encryption in transit (TLS 1.2+)
- Encrypted data storage
- Secure environment variable handling
- Backup testing and recovery planning
2. Access Controls
- Role-based access permissions
- Principle of least privilege
- Multi-factor authentication for administrative access
- Restricted production access
3. Application Security
- Input validation
- Output encoding
- Dependency monitoring
- Automated CI/CD checks
4. Infrastructure and Monitoring
- Segregated development, staging, and production environments
- Centralized logging
- Alerting for abnormal activity
- Routine patch management
5. Incident Response
LeafWatch investigates and contains incidents, notifies affected users where legally required, and documents remediation efforts.
6. Third-Party Services
LeafWatch relies on vetted providers for hosting, weather data, payment processing, and push notification delivery.
7. Responsible Disclosure
Report vulnerabilities to: [email protected]